Two major data leaks point to the problems with current security systems

Both Marriott and Voi have recently had data about millions of their customers leaked, the prior by a hack and the latter by poor security set-up. The conclusion: The current systems for ensuring the safety of our customer’s data are far from sufficient.

In late November last year, the hotel chain Marriott announced that they had been the target of a data hack, exposing the information of 500+ million customers. The hackers had access to the customer data since 2014, but it took Marriott five years to realize they had been hacked. During that time, the hackers had access to names, phone numbers, email addresses, passport numbers, dates of birth and arrival and departure information of 327 million of Marriott’s customers. Besides that, for millions of others, the credit card numbers and card expiration dates were also potentially compromised.

Just a few days ago the electric scooter company Voi, that has placed scooters in major cities all over Europe, had 460.000 of their customer’s names, emails and phone numbers exposed openly on the internet. According to the German media company Bayerischer Rundfunk, the data was accessible by anyone without having to break any rules or even be a very proficient hacker.

Two major data leaks point to the problems with current security systems 2
Photo by Denniz Futalan from Pexels

Both of these incidents are very severe and point to the fact that the systems that many companies rely on to keep their customer’s data safe are insufficient. Whether it be by poor process design, a lack of understanding, or simply an outdated IT-system, there is a great need for better ways to protect the data customers entrust companies with. Poor PR is also not the only thing that can come from such data leaks. In light of the recent EU-directive GDPR, companies now also run the risk of getting hefty fines. In the Marriott-case, the data-breach has been deemed one of the most severe in history, and it will take several months for regulators to investigate the situation fully.

Had the companies instead ensured that the customer data could only be accessed by authorized personnel and had warning systems in place, the breach would either never have been possible or stopped a lot earlier. As a customer in today’s tech-world, your personal data can wreak havoc in your personal life on a scale previously unimagined. A leak such as the ones at Marriott and Voi, should therefore simply not be possible, especially since there are systems available that would have prevented them.

It’s time that companies accept their responsibility, and take measures to ensure that such leaks are not possible. Finding secure IT-systems is not an impossible feat, rather, there are companies like Covr Security that make sure that your customer’s data will remain safe and secure, while still allowing the information to be accessed by the right person at the right time. Security is not just a fancy word to be thrown around in the corporate visionary document, it’s a necessity to ensure that you have a business in the years to come.

/by

Covr Newsletter November 2019

Being a busy startup, things have a habit of moving fast – especially this time of year. Still, I want to take the time to give you a quick roundup of what’s going on in our corner of the digital world.

Enjoy and stay safe,

Patrik Malmberg and the team at Covr Security

New partners

The market for platforms for Open Banking keeps on growing, and we have recently signed major partner agreements to help accelerate PSD2 compliance and Open Banking value creation.

MobiMedia

We are adding our multi-factor authentication solution to MobiMedia’s overall customer offer. MobiMedia is a public company listed on the Warsaw Stock Exchange- They focus on mobile e-commerce and media services and provides mobile marketing and payment solutions in Eastern Europe.

https://bit.ly/2NAiQh3

KPN

KPN is the leading telco, mobile, and network services provider in the Netherlands, with more than 33 million subscribers. Covr Security will be the first company to provide a secure authentication API to their enterprise/third party marketplace. Our API supports advanced multi-factor authentication and mandatory SCA for Open Banking in Europe. 

https://bit.ly/33BDi6N

Precise Biometrics

An essential step in our progress is the joint agreement with biometric fingerprint solution provider Precise. The agreement is strengthening our offer by adding a verification solution for digital services and transactions between mobile units. The initial goal of the partnership is to carry out pilots during the second half of 2019 and then enter into a commercial phase. 

Are you interested in becoming our partner?

We provide our multi-factor authentication-as-a-service to a wide range of industry partners – eID providers, service providers, enterprise partners, mobile carriers, and other security technology providers. Contact us by hitting reply for more informatio

COVR Software Development Kit (SDK) launch

We are as we speak, releasing our comprehensive SDK that gives third party authentication possibilities like password-free logins, instant verifications of financial transactions. Get in touch with us for a walkthrough!

Covr Security out and about

Mats Holmfeldt, our Senior Executive Operations for the Asia Pacific, attended the SCxSC Fintech Conference in Malaysia as Keynote Speaker. SCxSC is organized by the Malaysian Securities Commission every year and is an important forum for Finch innovations in Asia.  https://lnkd.in/d3vMSSm

/by